CM-58331 support claude code

cycode/cli/apps/ai_guardrails/command_utils.py

@@ -12,24 +12,26 @@
 console = Console()
 
 
-def validate_and_parse_ide(ide: str) -> AIIDEType:
-    """Validate IDE parameter and convert to AIIDEType enum.
+def validate_and_parse_ide(ide: str) -> Optional[AIIDEType]:
+    """Validate IDE parameter, returning None for 'all'.
 
     Args:
-        ide: IDE name string (e.g., 'cursor')
+        ide: IDE name string (e.g., 'cursor', 'claude-code', 'all')
 
     Returns:
-        AIIDEType enum value
+        AIIDEType enum value, or None if 'all' was specified
 
     Raises:
         typer.Exit: If IDE is invalid
     """
+    if ide.lower() == 'all':
+        return None
     try:
         return AIIDEType(ide.lower())
     except ValueError:
         valid_ides = ', '.join([ide_type.value for ide_type in AIIDEType])
         console.print(
-            f'[red]Error:[/] Invalid IDE "{ide}". Supported IDEs: {valid_ides}',
+            f'[red]Error:[/] Invalid IDE "{ide}". Supported IDEs: {valid_ides}, all',
             style='bold red',
         )
         raise typer.Exit(1) from None

cycode/cli/apps/ai_guardrails/consts.py

@@ -2,12 +2,7 @@
 
 Currently supports:
 - Cursor
-
-To add a new IDE (e.g., Claude Code):
-1. Add new value to AIIDEType enum
-2. Create _get_<ide>_hooks_dir() function with platform-specific paths
-3. Add entry to IDE_CONFIGS dict with IDE-specific hook event names
-4. Unhide --ide option in commands (install, uninstall, status)
+- Claude Code
 """
 
 import platform
@@ -20,6 +15,14 @@ class AIIDEType(str, Enum):
     """Supported AI IDE types."""
 
     CURSOR = 'cursor'
+    CLAUDE_CODE = 'claude-code'
+
+
+class PolicyMode(str, Enum):
+    """Policy enforcement mode for global mode and per-feature actions."""
+
+    BLOCK = 'block'
+    WARN = 'warn'
 
 
 class IDEConfig(NamedTuple):
@@ -42,6 +45,14 @@ def _get_cursor_hooks_dir() -> Path:
     return Path.home() / '.config' / 'Cursor'
 
 
+def _get_claude_code_hooks_dir() -> Path:
+    """Get Claude Code hooks directory.
+
+    Claude Code uses ~/.claude on all platforms.
+    """
+    return Path.home() / '.claude'
+
+
 # IDE-specific configurations
 IDE_CONFIGS: dict[AIIDEType, IDEConfig] = {
     AIIDEType.CURSOR: IDEConfig(
@@ -51,6 +62,13 @@ def _get_cursor_hooks_dir() -> Path:
         hooks_file_name='hooks.json',
         hook_events=['beforeSubmitPrompt', 'beforeReadFile', 'beforeMCPExecution'],
     ),
+    AIIDEType.CLAUDE_CODE: IDEConfig(
+        name='Claude Code',
+        hooks_dir=_get_claude_code_hooks_dir(),
+        repo_hooks_subdir='.claude',
+        hooks_file_name='settings.json',
+        hook_events=['UserPromptSubmit', 'PreToolUse:Read', 'PreToolUse:mcp'],
+    ),
 }
 
 # Default IDE
@@ -60,6 +78,47 @@ def _get_cursor_hooks_dir() -> Path:
 CYCODE_SCAN_PROMPT_COMMAND = 'cycode ai-guardrails scan'
 
 
+def _get_cursor_hooks_config() -> dict:
+    """Get Cursor-specific hooks configuration."""
+    config = IDE_CONFIGS[AIIDEType.CURSOR]
+    hooks = {event: [{'command': CYCODE_SCAN_PROMPT_COMMAND}] for event in config.hook_events}
+
+    return {
+        'version': 1,
+        'hooks': hooks,
+    }
+
+
+def _get_claude_code_hooks_config() -> dict:
+    """Get Claude Code-specific hooks configuration.
+
+    Claude Code uses a different hook format with nested structure:
+    - hooks are arrays of objects with 'hooks' containing command arrays
+    - PreToolUse uses 'matcher' field to specify which tools to intercept
+    """
+    command = f'{CYCODE_SCAN_PROMPT_COMMAND} --ide claude-code'
+
+    return {
+        'hooks': {
+            'UserPromptSubmit': [
+                {
+                    'hooks': [{'type': 'command', 'command': command}],
+                }
+            ],
+            'PreToolUse': [
+                {
+                    'matcher': 'Read',
+                    'hooks': [{'type': 'command', 'command': command}],
+                },
+                {
+                    'matcher': 'mcp__.*',
+                    'hooks': [{'type': 'command', 'command': command}],
+                },
+            ],
+        },
+    }
+
+
 def get_hooks_config(ide: AIIDEType) -> dict:
     """Get the hooks configuration for a specific IDE.
 
@@ -69,10 +128,6 @@ def get_hooks_config(ide: AIIDEType) -> dict:
     Returns:
         Dict with hooks configuration for the specified IDE
     """
-    config = IDE_CONFIGS[ide]
-    hooks = {event: [{'command': CYCODE_SCAN_PROMPT_COMMAND}] for event in config.hook_events}
-
-    return {
-        'version': 1,
-        'hooks': hooks,
-    }
+    if ide == AIIDEType.CLAUDE_CODE:
+        return _get_claude_code_hooks_config()
+    return _get_cursor_hooks_config()

cycode/cli/apps/ai_guardrails/hooks_manager.py

@@ -59,9 +59,27 @@ def save_hooks_file(hooks_path: Path, hooks_config: dict) -> bool:
 
 
 def is_cycode_hook_entry(entry: dict) -> bool:
-    """Check if a hook entry is from cycode-cli."""
+    """Check if a hook entry is from cycode-cli.
+
+    Handles both Cursor format (flat) and Claude Code format (nested).
+
+    Cursor format: {"command": "cycode ai-guardrails scan"}
+    Claude Code format: {"hooks": [{"type": "command", "command": "cycode ai-guardrails scan --ide claude-code"}]}
+    """
+    # Check Cursor format (flat command)
     command = entry.get('command', '')
-    return CYCODE_SCAN_PROMPT_COMMAND in command
+    if CYCODE_SCAN_PROMPT_COMMAND in command:
+        return True
+
+    # Check Claude Code format (nested hooks array)
+    hooks = entry.get('hooks', [])
+    for hook in hooks:
+        if isinstance(hook, dict):
+            hook_command = hook.get('command', '')
+            if CYCODE_SCAN_PROMPT_COMMAND in hook_command:
+                return True
+
+    return False
 
 
 def install_hooks(
@@ -185,7 +203,15 @@ def get_hooks_status(scope: str = 'user', repo_path: Optional[Path] = None, ide:
     ide_config = IDE_CONFIGS[ide]
     has_cycode_hooks = False
     for event in ide_config.hook_events:
-        entries = existing.get('hooks', {}).get(event, [])
+        # Handle event:matcher format
+        if ':' in event:
+            actual_event, matcher_prefix = event.split(':', 1)
+            all_entries = existing.get('hooks', {}).get(actual_event, [])
+            # Filter entries by matcher
+            entries = [e for e in all_entries if e.get('matcher', '').startswith(matcher_prefix)]
+        else:
+            entries = existing.get('hooks', {}).get(event, [])
+
         cycode_entries = [e for e in entries if is_cycode_hook_entry(e)]
         if cycode_entries:
             has_cycode_hooks = True

cycode/cli/apps/ai_guardrails/install_command.py

@@ -11,7 +11,7 @@
     validate_and_parse_ide,
     validate_scope,
 )
-from cycode.cli.apps.ai_guardrails.consts import IDE_CONFIGS
+from cycode.cli.apps.ai_guardrails.consts import IDE_CONFIGS, AIIDEType
 from cycode.cli.apps.ai_guardrails.hooks_manager import install_hooks
 from cycode.cli.utils.sentry import add_breadcrumb
 
@@ -30,9 +30,9 @@ def install_command(
         str,
         typer.Option(
             '--ide',
-            help='IDE to install hooks for (e.g., "cursor"). Defaults to cursor.',
+            help='IDE to install hooks for (e.g., "cursor", "claude-code", or "all" for all IDEs). Defaults to cursor.',
         ),
-    ] = 'cursor',
+    ] = AIIDEType.CURSOR,
     repo_path: Annotated[
         Optional[Path],
         typer.Option(
@@ -54,6 +54,7 @@ def install_command(
         cycode ai-guardrails install                    # Install for all projects (user scope)
         cycode ai-guardrails install --scope repo       # Install for current repo only
         cycode ai-guardrails install --ide cursor       # Install for Cursor IDE
+        cycode ai-guardrails install --ide all          # Install for all supported IDEs
         cycode ai-guardrails install --scope repo --repo-path /path/to/repo
     """
     add_breadcrumb('ai-guardrails-install')
@@ -62,17 +63,35 @@ def install_command(
     validate_scope(scope)
     repo_path = resolve_repo_path(scope, repo_path)
     ide_type = validate_and_parse_ide(ide)
-    ide_name = IDE_CONFIGS[ide_type].name
-    success, message = install_hooks(scope, repo_path, ide=ide_type)
 
-    if success:
-        console.print(f'[green]✓[/] {message}')
+    ides_to_install: list[AIIDEType] = list(AIIDEType) if ide_type is None else [ide_type]
+
+    results: list[tuple[str, bool, str]] = []
+    for current_ide in ides_to_install:
+        ide_name = IDE_CONFIGS[current_ide].name
+        success, message = install_hooks(scope, repo_path, ide=current_ide)
+        results.append((ide_name, success, message))
+
+    # Report results for each IDE
+    any_success = False
+    all_success = True
+    for _ide_name, success, message in results:
+        if success:
+            console.print(f'[green]✓[/] {message}')
+            any_success = True
+        else:
+            console.print(f'[red]✗[/] {message}', style='bold red')
+            all_success = False
+
+    if any_success:
         console.print()
         console.print('[bold]Next steps:[/]')
-        console.print(f'1. Restart {ide_name} to activate the hooks')
+        successful_ides = [name for name, success, _ in results if success]
+        ide_list = ', '.join(successful_ides)
+        console.print(f'1. Restart {ide_list} to activate the hooks')
         console.print('2. (Optional) Customize policy in ~/.cycode/ai-guardrails.yaml')
         console.print()
         console.print('[dim]The hooks will scan prompts, file reads, and MCP tool calls for secrets.[/]')
-    else:
-        console.print(f'[red]✗[/] {message}', style='bold red')
+
+    if not all_success:
         raise typer.Exit(1)